FileCOPA < 6.01.01 Multiple Vulnerabilities

Medium Nessus Network Monitor Plugin ID 5713

Synopsis

The remote FTP server is vulnerable to a directory traversal attack.

Description

The remote host is running FileCOPA, an FTP Server for Windows.

Versions of FileCOPA earlier than 6.01.01 are potentially affected by an unspecified directory traversal attack. An attacker, exploiting this flaw, could download arbitrary files subject to the privileges of the user running the affected application.

Solution

Upgrade to FileCOPA 6.01.01 or later.

See Also

http://h0wl.baywords.com/2010/11/08/filecopa-ftp-server-6-01-directory-traversal

Plugin Details

Severity: Medium

ID: 5713

File Name: 5713.prm

Family: FTP Servers

Published: 2010/11/19

Modified: 2016/01/21

Dependencies: 1803, 1804, 3222

Nessus ID: 11112, 50811

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 6.5

Temporal Score: 5.4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 6.3

Temporal Score: 5.9

Vector: CVSS3#AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

Patch Publication Date: 2010/11/07

Vulnerability Publication Date: 2010/11/07

Reference Information

BID: 44759